Local Account Management
Centrify administrators use the Local Account Management feature to create, manage, lock, and delete local UNIX and Linux user and group accounts. The Local Account Management audit events focus on local users, groups, and accounts.
Local Account Management Audit Event Log Sample
The following is a sample of an audit event log for Centrify Audit Event ID 51300. This log sample documents the removal of a local user from a local password file. The change was made by user=root on November 25 at 16:51:20.
Nov 25 16:51:20 rhed57x64v3 adclient[4423]: INFO
AUDIT_TRAIL|Centrify Suite|Local Account
Management|1.0|300|Removing local user from local passwd
file|5|user=root pid=4423 utc=1448441900487 CentrifyEventID=51300
DAInst=AuditingInstallation
DASessID=c72252aa-e616-44ff-a5f6-d3f53f09bb67
status=SUCCESS removedUser=locud01
Local Account Management Audit Events
Event Source Category: Local Account Management
| Event Id | Description | Parameters |
|---|---|---|
| 51100 | Adding enabled local user to local passwd file | enabledUser: enabled local user |
| 51200 | Adding disabled local user to local passwd file | disabledUser: disabled local user |
| 51300 | Removing local user from local passwd file | removedUser: removed local user |
| 51400 | Local user is marked as disabled | localUser: local user |
| 51500 | Local user is marked as enabled | localUser: local user |
| 51101 | Local passwd file update failed | reason: error message |
| 51600 | Invoking notification cli succeeded | parameters: parameters |
| 51601 | Invoking notification cli failed | reason: error message |
| 52000 | Adding enabled local group to local group file | enabledGroup: enabled local group |
| 52100 | Removing local group from local group file | removedGroup: removed local group |
| 52001 | Local group file update failed | reason: error message |
| 53000 | Managing local accounts succeeded | parameters: parameters |
| 53001 | Managing local accounts failed | parameters: parameters reason: error message |
| 53100 | Added enabled local user added in Release 2020 | localuser: user name |
| 53101 | Added disabled local user added in Release 2020 | localuser: user name |
| 53102 | Failed to add local user added in Release 2020 | localuser: user name reason: error message |
| 53103 | Removed local user added in Release 2020 | localuser: user name |
| 53104 | Failed to remove local user added in Release 2020 | localuser: name reason: error message |
| 53105 | Enabled local user added in Release 2020 | localuser: user name |
| 53106 | Failed to enable local user added in Release 2020 | localuser: user name reason: error message |
| 53107 | Disabled local user added in Release 2020 | localuser: user name |
| 53108 | Failed to disable local user added in Release 2020 | localuser: user name reason: error message |
| 53109 | Modified local user added in Release 2020 | localuser: user name |
| 53110 | Failed to modify local user added in Release 2020 | localuser: user name reason: error message |
| 53111 | Added local group added in Release 2020 | localgroup: group name |
| 53112 | Failed to add local group added in Release 2020 | localgroup: group name reason: error message |
| 53113 | Removed local group added in Release 2020 | localgroup: group name |
| 53114 | Failed to remove local group added in Release 2020 | localgroup: group name reason: error message |
| 53115 | Modified local group added in Release 2020 | localgroup: group name |
| 53116 | Failed to modify local group added in Release 2020 | localgroup: group name reason: error message |
| 53117 | Managed local users and groups added in Release 2020 | |
| 53118 | Failed to manage local users and groups added in Release 2020 | reason: Reason for failure |
| 53119 | Invoked notification command added in Release 2020 | command: notification command |
| 53120 | Failed to invoke notification command added in Release 2020 | reason: Reason for failure |